Skip to content

Instantly share code, notes, and snippets.

@kiesia
Forked from philwo/attributes-default.rb
Created July 5, 2012 06:12
Show Gist options
  • Save kiesia/3051708 to your computer and use it in GitHub Desktop.
Save kiesia/3051708 to your computer and use it in GitHub Desktop.
Chef cookbook for nginx + passenger (compiled from source)
default['nginx']['version'] = "1.2.0"
default['nginx']['passenger']['version'] = "3.0.12"
# --- Install nginx ---
# First, remove unneeded packages
%w{ nginx nginx-light nginx-full nginx-extras }.each do |pkg|
package pkg do
action :remove
end
end
# Install nginx-common (contains the init-scripts) and packages needed for compilation
%w{ nginx-common build-essential libcurl4-openssl-dev libssl-dev zlib1g-dev libpcre3-dev }.each do |pkg|
package pkg
end
# Install passenger
gem_package 'passenger' do
action :upgrade
gem_binary '/usr/bin/gem1.9.1'
version node['nginx']['passenger']['version']
end
remote_file 'download nginx' do
action :create_if_missing
owner 'root'
group 'root'
mode '0644'
path "/usr/src/nginx-#{node['nginx']['version']}.tar.gz"
source "http://nginx.org/download/nginx-#{node['nginx']['version']}.tar.gz"
end
execute 'extract nginx' do
command "tar xvfz nginx-#{node['nginx']['version']}.tar.gz"
cwd '/usr/src'
not_if do
File.directory? "/usr/src/nginx-#{node['nginx']['version']}"
end
end
execute 'build nginx' do
command "passenger-install-nginx-module" <<
" --auto" <<
" --prefix=/opt/nginx-#{node['nginx']['version']}" <<
" --nginx-source-dir=/usr/src/nginx-#{node['nginx']['version']}" <<
" --extra-configure-flags='--with-ipv6 --with-http_realip_module'"
not_if do
File.exists?("/opt/nginx-#{node['nginx']['version']}/sbin/nginx") &&
File.exists?("/var/lib/gems/1.9.1/gems/passenger-#{node['nginx']['passenger']['version']}/agents/PassengerWatchdog")
end
end
# Setup nginx environment
link '/usr/sbin/nginx' do
to "/opt/nginx-#{node['nginx']['version']}/sbin/nginx"
end
link '/etc/nginx/logs' do
to '/var/log/nginx'
end
# Configuration files
template '/etc/default/nginx' do
owner 'root'
group 'root'
mode '0644'
source 'nginx.erb'
notifies :reload, "service[nginx]"
end
template '/etc/nginx/nginx.conf' do
owner 'root'
group 'root'
mode '0644'
source 'nginx.conf.erb'
notifies :reload, "service[nginx]"
end
service "nginx" do
supports :status => true, :restart => true, :reload => true
action [ :enable, :start ]
end
user www-data;
worker_processes 2;
worker_cpu_affinity 0101 1010;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 1024;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 5;
types_hash_max_size 2048;
server_tokens on;
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
gzip_comp_level 9;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_vary on;
# on = helps free the backend fast
# off = required for php flush() and ajax/comet based applications
# worse, if app-server generates large files
proxy_buffering on;
# This directive sets the text, which must be changed in response-header
# "Location" and "Refresh" in the response of the proxied server.
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1024m;
#proxy_send_timeout 300;
#proxy_read_timeout 300;
#fastcgi_send_timeout 300;
#fastcgi_read_timeout 300;
ssl_prefer_server_ciphers on;
ssl_protocols SSLv3 TLSv1;
ssl_session_cache shared:SSL:2m;
ssl_ciphers HIGH:!ADH:!MD5;
passenger_root /var/lib/gems/1.9.1/gems/passenger-<%= node['nginx']['passenger']['version'] %>;
passenger_ruby /usr/bin/ruby1.9.1;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
# Note: You may want to look at the following page before setting the ULIMIT.
# http://wiki.nginx.org/CoreModule#worker_rlimit_nofile
# Set the ulimit variable if you need defaults to change.
# Example: ULIMIT="-n 4096"
#ULIMIT="-n 4096"
DAEMON_OPTS="-p /etc/nginx/ -c /etc/nginx/nginx.conf"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment